package org.shock.ss.sms.dao.system.impl;

import java.sql.PreparedStatement;
import java.sql.ResultSet;

import org.shock.ss.sms.bean.system.User;
import org.shock.ss.sms.commons.db.DbTools;
import org.shock.ss.sms.commons.db.ProxoolDbPool;
import org.shock.ss.sms.commons.utils.Encryption;

import org.shock.ss.sms.commons.dao.impl.BaseDaoImpl;
import org.shock.ss.sms.dao.system.UserDao;
import com.fr.third.org.apache.poi.hssf.record.formula.functions.Result;

public class UserDaoImpl extends BaseDaoImpl<org.shock.ss.sms.bean.system.User> implements UserDao {
	/** 用于用户登录验证 防止注入 */
	public String checkUser(String code, String pwd) throws Exception {
		PreparedStatement ps;
		ResultSet rs;
		conn = ProxoolDbPool.getConnection();
		sql = "select ygzh from "+User.getTable()+" where ygzh=? and ygmm=?";
		ps = conn.prepareStatement(sql);
		ps.setString(1, code);
		ps.setString(2, Encryption.getEncrypt(pwd));
		rs = ps.executeQuery();
		String ygzh = null;
		while (rs.next()) {
			ygzh = rs.getString("ygzh");
		}
		rs.close();
		ps.close();
		return ygzh;
	}

	public String checkUserPki(String sfz) throws Exception {
		PreparedStatement ps;
		ResultSet rs;
		conn = ProxoolDbPool.getConnection();
		sql = "select ygzh from "+User.getTable()+" where ygsfz=?";
		ps = conn.prepareStatement(sql);
		ps.setString(1, sfz);
		rs = ps.executeQuery();
		String ygzh = null;
		while (rs.next()) {
			ygzh = rs.getString("ygzh");
		}
		rs.close();
		ps.close();
		return ygzh;
	}
}
